##// END OF EJS Templates
security: make sure the admin of repo can only delete comments which are from the same repo....
security: make sure the admin of repo can only delete comments which are from the same repo. - fixes IDOR issue - protects against other people comment deletion by repo admins.

File last commit:

r1:854a839a default
r1818:1ced1b24 default
Show More
user-admin.rst
22 lines | 696 B | text/x-rst | RstLexer

User Administration

|RCM| enables you to define permissions for the following entities within the system; users, user groups, repositories, repository groups.

Within each one of these entities you can set default settings, and then all users or |repos| inherit those default permission settings unless individually defined. Each of these entities can have the following permissions applied to it; None, Read, Write, or Admin.